mirror of
https://github.com/10h30/ultimatemember.git
synced 2026-06-05 15:09:37 +09:00
Merge pull request #807 from ultimatemember/fix/can_edit_private_profiles
Private profiles editing
This commit is contained in:
Nikita Sinelnikov
@@ -643,13 +643,18 @@ if ( ! class_exists( 'um\core\Roles_Capabilities' ) ) {
|
||||
$return = 0;
|
||||
}
|
||||
} else {
|
||||
if ( ! um_user( 'can_edit_everyone' ) ) {
|
||||
|
||||
if ( ! um_user( 'can_access_private_profile' ) && UM()->user()->is_private_profile( $user_id ) ) {
|
||||
$return = 0;
|
||||
} else {
|
||||
if ( um_user( 'can_edit_roles' ) && ( empty( $current_user_roles ) || count( array_intersect( $current_user_roles, um_user( 'can_edit_roles' ) ) ) <= 0 ) ) {
|
||||
if ( ! um_user( 'can_edit_everyone' ) ) {
|
||||
$return = 0;
|
||||
} else {
|
||||
$return = 1;
|
||||
if ( um_user( 'can_edit_roles' ) && ( empty( $current_user_roles ) || count( array_intersect( $current_user_roles, um_user( 'can_edit_roles' ) ) ) <= 0 ) ) {
|
||||
$return = 0;
|
||||
} else {
|
||||
$return = 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1294,42 +1294,38 @@ function um_pre_profile_shortcode( $args ) {
|
||||
*/
|
||||
extract( $args );
|
||||
|
||||
if ( $mode == 'profile' && UM()->fields()->editing == false ) {
|
||||
UM()->fields()->viewing = 1;
|
||||
|
||||
if ( um_get_requested_user() ) {
|
||||
if ( ! um_can_view_profile( um_get_requested_user() ) && ! um_is_myprofile() ) {
|
||||
um_redirect_home( um_get_requested_user(), um_is_myprofile() );
|
||||
if ( $mode == 'profile' ) {
|
||||
if ( UM()->fields()->editing ) {
|
||||
if ( um_get_requested_user() ) {
|
||||
if ( ! UM()->roles()->um_current_user_can( 'edit', um_get_requested_user() ) ) {
|
||||
um_redirect_home( um_get_requested_user(), um_is_myprofile() );
|
||||
}
|
||||
um_fetch_user( um_get_requested_user() );
|
||||
}
|
||||
|
||||
if ( ! UM()->roles()->um_current_user_can( 'edit', um_get_requested_user() ) ) {
|
||||
UM()->user()->cannot_edit = 1;
|
||||
}
|
||||
|
||||
um_fetch_user( um_get_requested_user() );
|
||||
} else {
|
||||
if ( ! is_user_logged_in() ) {
|
||||
um_redirect_home( um_get_requested_user(), um_is_myprofile() );
|
||||
}
|
||||
UM()->fields()->viewing = 1;
|
||||
|
||||
if ( ! um_user( 'can_edit_profile' ) ) {
|
||||
UM()->user()->cannot_edit = 1;
|
||||
if ( um_get_requested_user() ) {
|
||||
if ( ! um_can_view_profile( um_get_requested_user() ) && ! um_is_myprofile() ) {
|
||||
um_redirect_home( um_get_requested_user(), um_is_myprofile() );
|
||||
}
|
||||
|
||||
if ( ! UM()->roles()->um_current_user_can( 'edit', um_get_requested_user() ) ) {
|
||||
UM()->user()->cannot_edit = 1;
|
||||
}
|
||||
|
||||
um_fetch_user( um_get_requested_user() );
|
||||
} else {
|
||||
if ( ! is_user_logged_in() ) {
|
||||
um_redirect_home( um_get_requested_user(), um_is_myprofile() );
|
||||
}
|
||||
|
||||
if ( ! um_user( 'can_edit_profile' ) ) {
|
||||
UM()->user()->cannot_edit = 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ( $mode == 'profile' && UM()->fields()->editing == true ) {
|
||||
UM()->fields()->editing = 1;
|
||||
|
||||
if ( um_get_requested_user() ) {
|
||||
if ( ! UM()->roles()->um_current_user_can( 'edit', um_get_requested_user() ) ) {
|
||||
um_redirect_home( um_get_requested_user(), um_is_myprofile() );
|
||||
}
|
||||
um_fetch_user( um_get_requested_user() );
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
add_action( 'um_pre_profile_shortcode', 'um_pre_profile_shortcode' );
|
||||
|
||||
|
||||
@@ -1575,10 +1575,6 @@ function um_can_view_field( $data ) {
|
||||
* @return bool
|
||||
*/
|
||||
function um_can_view_profile( $user_id ) {
|
||||
if ( UM()->roles()->um_current_user_can( 'edit', $user_id ) ) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if ( ! is_user_logged_in() ) {
|
||||
return ! UM()->user()->is_private_profile( $user_id );
|
||||
}
|
||||
@@ -1608,6 +1604,7 @@ function um_can_view_profile( $user_id ) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
um_fetch_user( $temp_id );
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -158,11 +158,13 @@ The plugin works with popular caching plugins by automatically excluding Ultimat
|
||||
= 2.1.17: April 14, 2021 =
|
||||
|
||||
* Enhancements:
|
||||
- Added: Activation link expiration setting (#803)
|
||||
- Added: 'Owner and specific roles' privacy type for the Profile tabs (#773)
|
||||
- Added: Hooks `um_before_email_notification_sending` and `um_after_email_notification_sending` regarding #743 pull-request
|
||||
- Added: Hooks for integration member directory filters with different conditions for query to DB
|
||||
|
||||
* Bugfixes:
|
||||
- Fixed: Editing private profiles capability. Removed the priority for "Can edit other member accounts?" capability when the account is private. (#805)
|
||||
- Fixed: PHP notice when the admin filtering field has the not array default value (e.g. bool)
|
||||
- Fixed: The conflict with [Disable Blog](https://wordpress.org/plugins/disable-blog/) plugin regarding this [issue](https://wordpress.org/support/topic/ultimate-member-file-image-download/). `download_routing` callback has the highest priority now.
|
||||
- Fixed: Fields privacy functionality. This function `um_can_view_field()` has been rewritten (#780)
|
||||
|
||||
Reference in New Issue
Block a user